You might wonder why Windows 7 is not referenced in the KB4012598 update. This is because the updates for Windows 7 came out in March under a different KB reference (KB4012212 and others) to address the MS17-010 vulnerability. See this link for the list:
U.S. users have thus far not been impacted to the same degree as elsewhere but more "WannaCry" variants are expected.
While these updates first became available in March for most operating systems, updates for non-supported Windows XP (both 32 and 64 bit versions) only became available on May 13, 2017 (and was rather surprising since MS has not been issuing free updates for XP for some time now).
Users still running XP should immediately install the appropriate update from the catalog link. Installing the update takes only a few minutes. It does require a reboot Even if your PC typically does not have direct Internet access, it is advisable to install this update since it would help to stop the spread of this latest ransomware virus from spreading from one PC (that might have Internet access) to others (that might not) on the same network. The security patch can be downloaded to a shared folder on your network or to a thumb or external drive, and then run on other PC's on your network or in your office without their having any web access.
While we are not a fan of automatic updates, some updates are from time to time important to install regardless of how careful users are with inbound e-mail, anti-virus protection, and in the web sites they visit.
There is some amount of misinformation about this virus and how it spreads. Your greatest vulnerability is once again by opening e-mail attachments from unsavory sources, often disguised to look like it is from someone you know and/or that purports to contain an attached invoice or purchase order, etc. End user education remains critical.
It is indeed unfortunate that there are individuals that would choose to spend their time and resources spreading malware rather than on pursuits that would benefit society and/or the health of the planet. It is also highly unfortunate how the NSA handled this situation in terms of both safeguarding its information, in developing unsavory methods of hacking into computer systems in the first place, and not promptly acting to notify Microsoft and others of the threat so that these security updates could have been made available sooner.
Note: If infected, do not pay the ransom. Even if you pay it, you may still not receive an unencrypt key, more so this time around than ever. Immediately consult your IT support if you receive any pop-up messages or if you start to see file extensions of .WCRY.
Post a Comment